IPSEC VPN between Cisco IOS & Netscreen – solved!

This isn’t necessarily Mozilla-related, but after spending a month on and off trying to get an IPSEC VPN up between a Cisco IOS router and a Juniper Netscreen SSG5 and finding very little help online, I figured I might as well document it here for others to find (myself, for instance, or, hey Google – index this).

For those interested, read on.

First, as a reference, here’s what my network looks like:

I aggregated Mountain View’s internal networks into 10.250.0.0/16. Specific policy controls are done through firewall ACLs and where appropriate I’ve had to tweak NAT statements (ask me if you need more on that).

Juniper Netscreen Configuration
Much of this configuration was gleaned from here, using the WebUI (mostly the policies). If you follow that guide, you’ll only need to set the Proxy ID and change the p2-proposal (well, add the Cisco one and change the Gateway proposal to it).
